<?php


namespace app\middleware;


use support\exception\BusinessException;
use Webman\Http\Request;
use Webman\Http\Response;
use Webman\MiddlewareInterface;

class CheckApiSignMiddleware implements MiddlewareInterface
{
    public function process(Request $request,callable $handler) : Response
    {
        if (env('IS_CHECK_SIGN', true)) {
            if (!$this->checkSign($request->all())) {

//                throw new BusinessException('无权限访问', 3000);
//                return response('无权限访问');
                return response(ApiReturn(RETURN_FAIL,'无权限访问'));
            }
        }
        return $handler($request);
    }

    public function checkSign($param)
    {
//        echo 4421;exit();
        $timeStr = isset($param['timestamp']) ? $param['timestamp'] : "";
        if (!$timeStr) {
            return false;
        }

        //10分钟后签名失效
        if ($timeStr < (NowTime() - 600)) {
            return false;
        }

        $sign = array_key_exists('sign', $param) ? $param['sign'] : false;
        if (!$sign) {
            return false;
        }

        $randStr = array_key_exists('randstr', $param) ? $param['randstr'] : false;
        if (!$randStr) {
            return false;
        }

        $platform = array_key_exists('platform', $param) ? $param['platform'] : false;
        if (!$platform) {
            return false;
        }

        $platformList = [
            'ios',
            'android',
            'h5',
            'pc',
            'dev',
            'H5WeChat',
            'TT'
        ];

        if (!in_array($platform, $platformList)) {
            return false;
        }

//        $tempParam = $this->formatData($param);
        unset($param['sign']);

//        error_log(date('Y-m-d H:i:s') . ' 加密前参数:' . var_export($param,true) . "\r\n\r\n", 3, env('LOG_ROOT') . '/sign-' . date('Y-m-d') . '.log');


        $keyList = [];
        try {
            foreach ($param as $key => $item) {
                error_log(date('Y-m-d H:i:s') . ' 字符串:' . $key.'=>'.$item . "\r\n\r\n", 3, env('LOG_ROOT') . '/sign-' . date('Y-m-d') . '.log');

                if ($key == 'gameParam'){
                    $itemTemp = json_decode($item,true);
                    if (isset($itemTemp['avatar_url'])){
                        $item = json_encode($itemTemp,320);
                    }

                }
//                error_log(date('Y-m-d H:i:s') . ' 字符串:' . $key.'=>'.$item . "\r\n\r\n", 3, env('LOG_ROOT') . '/sign-' . date('Y-m-d') . '.log');

                $keyList[$key] = md5("{$key}_{$item}");
            }
        } catch (Exception $e) {
            return false;
        }
        $keyStr = env('APP_SOCKET_KEY', 'DMOGAMESLOVEARCHITECTURE');

        ksort($keyList);
        $signStr = urldecode($keyStr . http_build_query($keyList) . $keyStr);

//        error_log(date('Y-m-d H:i:s') . ' 加密后字符串:' . $signStr . "\r\n\r\n", 3, env('LOG_ROOT') . '/sign-' . date('Y-m-d') . '.log');


        $checkSign = md5($signStr);
//        error_log(date('Y-m-d H:i:s') . ' 前端传的签名:'.$sign.' 最终的加密值:' . $checkSign . "\r\n\r\n", 3, env('LOG_ROOT') . '/sign-' . date('Y-m-d') . '.log');

        return $sign == $checkSign;
    }

}